Exemplary embodiments described herein relate to systems and methods for network security control.
Information security architects and security operators, as well as governance, risk and compliance (GRC) personnel, all face various challenges with respect to validating that security technical controls are in place and functioning for an asset or a group of assets within the corporate computing environment. Furthermore, conventional systems for network monitoring and control typically have limited or no ability to contextualize security and compliance-relevant data from various components of systems for computing, security control, and/or management. Such challenges can be particularly difficult in distributed computing, virtualized computing systems, or “cloud computing” systems, where the components and environment of such systems may change frequently and rapidly.
Additionally, conventional systems for network monitoring and control typically only use data from a single source, or only one type of data (such as network flow data), thereby excluding potential sources of important context-supporting data and providing a one-dimensional, network-protocol-centric view of information flow between networked systems.
Furthermore, conventional systems often do not provide users (such as network administrators, operators, and security architects) with comprehensive and actionable information upon which to base decisions such as whether to permit or deny a particular asset access to services hosted by another asset on the network.
Embodiments of the present disclosure help to address such challenges.